diff --git a/static/modsec/l7.conf b/static/modsec/l7.conf
new file mode 100644
index 0000000..f43b834
--- /dev/null
+++ b/static/modsec/l7.conf
@@ -0,0 +1,23 @@
+ testcookie off;
+ testcookie_name DOPEHOSTING;
+ testcookie_secret random;
+ testcookie_session $remote_addr;
+ #testcookie_arg GO;
+ testcookie_httponly_flag on;
+ testcookie_max_attempts 3;
+ testcookie_secure_flag on;
+ testcookie_get_only on;
+ testcookie_p3p 'CP="CUR ADM OUR NOR STA NID", policyref="/w3c/p3p.xml"';
+ testcookie_fallback /cookies.html?backurl=$scheme://$host$request_uri;
+
+ # Those are some ip's whitelisted by me. mostly are search engines. But not everything!
+ testcookie_whitelist {
+ 8.8.8.8/32;
+ 127.0.0.1/32;
+ # I don't suggest using alot of IPs here as this whitelist can fail!.
+ }
+ testcookie_redirect_via_refresh on;
+ testcookie_refresh_encrypt_cookie on;
+ testcookie_refresh_encrypt_cookie_key random;
+ testcookie_refresh_encrypt_cookie_iv random;
+ testcookie_refresh_template 'Just a moment please... ';
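Review bot: With `#testcookie_arg GO;` left commented out, the attempt counter has no query argument to live in, so `testcookie_max_attempts 3` and `testcookie_fallback` most likely never take effect and a client that cannot store the cookie keeps being redirected; enabling `testcookie_arg GO;` should fix that, if I read the module documentation correctly. `testcookie_secret random` (and the `random` key and IV for the refresh cookie) is regenerated on every nginx start, which invalidates all issued cookies on restart and will not validate across several front ends; a static secret of 32 bytes or more, e.g. `testcookie_secret <STATIC_SECRET_PLACEHOLDER>;`, avoids both. The fallback passes `$host`, which the client controls through the Host header, into `backurl`, so whatever serves `/cookies.html` (not shown here) should validate that target before redirecting to it. Separately, with `testcookie_refresh_encrypt_cookie on` the refresh template has to carry the client-side script that decrypts and sets the cookie; the template as shown holds only text, which may just be markup lost in rendering, but is worth confirming in the committed file.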